Ironsquirrel – Encrypted Exploit Delivery For The Masses

This project aims at delivering browser exploits to the victim browser in an encrypted fashion. Ellyptic-curve Diffie-Hellman (secp256k1) is used for key agreement and AES is used for encryption. By delivering the exploit code (and shellcode) to the victim in an encrypted way, the attack can not be replayed. Meanwhile the HTML/JS source is encrypted thus reverse engineering the exploit is significantly harder.

Getting Started

These instructions will get you a copy of the project up and running on your local machine for development and testing purposes.

Prerequisites

Mandatory dependencies – clone the IRONSQUIRREL project, cd into the project directory, and run the following commands:

Example

Listening on 2345
GET / HTTP/1.1
GET /sjcl.js HTTP/1.1
GET /dh.js HTTP/1.1
GET /client_pub.html?cl=SOifQJetphU2CvFzZl239nKPYWRGEH23ermGMszo9oqOgqIsH5XxXi1vw4P4YFWDqK6v4o4jIpAVSNZD1x5NTw%3D%3D HTTP/1.1
GET /final.html HTTP/1.1
GET /sjcl.js HTTP/1.1
The end